The HellCat ransomware group has once again demonstrated its relentless focus on exploiting Jira credentials stolen through infostealer malware by targeting four new organizations.
You can get the details here: https://www.infostealers.com/article/hellcat-ransomware-group-strikes-again-four-new-victims-breached-via-jira-credentials-from-infostealer-logs/
Jim Routh, Chief Trust Officer at Saviynt had the following comment:
“This series of ransomware attacks originated from an increasingly common root cause, passwords to cloud accounts essential for software engineering (like Jira), are compromised and then sold to other criminals.
Enterprises have an opportunity (and perhaps an obligation) to treat enterprise users of cloud accounts critical to software engineering in the same way as privileged users. Continuous identity validation and risk scoring are essential for enterprise identity posture management.”
I’ll add to that some form of passwordless solution might be helpful here. Because an infostealer can’t steal a password that doesn’t exist.
Related
This entry was posted on April 8, 2025 at 2:55 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
HellCat Ransomware Hits 4 Firms Via Jira Credentials from Infostealer Logs
The HellCat ransomware group has once again demonstrated its relentless focus on exploiting Jira credentials stolen through infostealer malware by targeting four new organizations.
You can get the details here: https://www.infostealers.com/article/hellcat-ransomware-group-strikes-again-four-new-victims-breached-via-jira-credentials-from-infostealer-logs/
Jim Routh, Chief Trust Officer at Saviynt had the following comment:
“This series of ransomware attacks originated from an increasingly common root cause, passwords to cloud accounts essential for software engineering (like Jira), are compromised and then sold to other criminals.
Enterprises have an opportunity (and perhaps an obligation) to treat enterprise users of cloud accounts critical to software engineering in the same way as privileged users. Continuous identity validation and risk scoring are essential for enterprise identity posture management.”
I’ll add to that some form of passwordless solution might be helpful here. Because an infostealer can’t steal a password that doesn’t exist.
Share this:
Like this:
Related
This entry was posted on April 8, 2025 at 2:55 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.